# default HBAC policy that grants permission to all services
dn: ipauniqueid=autogenerate,cn=hbac,$SUFFIX
changetype: add
objectclass: ipaassociation
objectclass: ipahbacrule
cn: allow_all
accessruletype: allow
usercategory: all
hostcategory: all
sourcehostcategory: all
servicecategory: all
ipaenabledflag: TRUE
description: Allow all users to access any host from any host
ipauniqueid: autogenerate